Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-28 | CVE-2005-3104 | Remote Security vulnerability in SIX Apart Movable Type 3.16 mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments. | 2.6 |
| 2005-09-28 | CVE-2005-3103 | Cross-Site Scripting vulnerability in SIX Apart Movable Type 3.16 Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries. network six-apart | 4.3 |
| 2005-09-28 | CVE-2005-3102 | The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root. | 5.0 |
| 2005-09-28 | CVE-2005-3101 | Information Disclosure vulnerability in SIX Apart Movable Type 3.17 The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | 5.0 |
| 2005-09-28 | CVE-2005-3100 | Remote Denial of Service vulnerability in Astaro Security Linux 4.027 Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service. | 5.0 |
| 2005-09-28 | CVE-2005-3099 | Local Security vulnerability in Solaris Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. | 4.6 |
| 2005-09-28 | CVE-2005-3098 | Local Arbitrary File Modification vulnerability in Qualcomm Qpopper 4.0.8 poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument. | 4.6 |
| 2005-09-28 | CVE-2005-3097 | Directory Traversal vulnerability in AVI Alkalay Contribute.Cgi 16Jun2002 Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 2002, allows remote attackers to overwrite arbitrary files via ".." sequences in the contribdir variable. | 5.0 |
| 2005-09-28 | CVE-2005-3096 | Scripts Arbitrary Remote Command Execution vulnerability in Alkalay.Net Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter. | 7.5 |
| 2005-09-28 | CVE-2005-3095 | Scripts Arbitrary Remote Command Execution vulnerability in Alkalay.Net Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers to execute arbitrary commands via shell metacharacters in the from parameter. | 7.5 |